Authentication with unusual URLs

What do you want to see in Armagetron soon? Any new feature ideas? Let's ponder these ground breaking ideas...
Post Reply
User avatar
delinquent
Match Winner
Posts: 705
Joined: Sat Jul 07, 2012 3:07 am

Authentication with unusual URLs

Post by delinquent »

I'm building an easy-to-access auth service, and I've discovered what may be a bit of a bug. My URL
(https://armathentication.vixen.international) is perfectly valid according to today's TLD standards, but isn't recognised by Armagetron. The other possibility I'm considering is that HTTPS is playing funny with requests - but ideally, that should be fine, because Apache is set up to automatically rewrite HTTP to HTTPS.

This is the result of attempting to login with my new service:
Capture.PNG
Is it perhaps something to do with my use of a subdomain?
Last edited by delinquent on Sat Aug 08, 2020 6:01 pm, edited 1 time in total.

User avatar
Z-Man
God & Project Admin
Posts: 11369
Joined: Sun Jan 23, 2005 6:01 pm
Location: Cologne
Contact:

Re: Authentication with unusual URLs

Post by Z-Man »

We're using a very primitive HTTP fetcher. IIRC, it doesn't support https.

User avatar
delinquent
Match Winner
Posts: 705
Joined: Sat Jul 07, 2012 3:07 am

Re: Authentication with unusual URLs

Post by delinquent »

What, if anything, does Armagetron include in the header? If I can identify requests from Armagetron and allow only those to be processed over HTTP, I'll do that instead.

User avatar
Z-Man
God & Project Admin
Posts: 11369
Joined: Sun Jan 23, 2005 6:01 pm
Location: Cologne
Contact:

Re: Authentication with unusual URLs

Post by Z-Man »

I don't have a clue. The fetcher is nanohttp as it comes with libxml, if that helps.

User avatar
delinquent
Match Winner
Posts: 705
Joined: Sat Jul 07, 2012 3:07 am

Re: Authentication with unusual URLs

Post by delinquent »

Now that's interesting. nanohttp contains a method for xmlNanoHTTPAuthHeader, which might have some unique value. I'll take a trawl over the source later.

Meanwhile, what are the chances of getting a shortlink? It's a long URL to type, and the idea was to create an easy to access authentication service for new players.


Edit: I'm loking through the source now, and found the call to nanohttp in nKrawallPrivate.cpp at line 461. Is this the actual code used, or is it leftover unused code from the attempted partnership with Krawall GN?

User avatar
Z-Man
God & Project Admin
Posts: 11369
Joined: Sun Jan 23, 2005 6:01 pm
Location: Cologne
Contact:

Re: Authentication with unusual URLs

Post by Z-Man »

That's the actual code in nKrawall*. We never bothered to change the internal names :)

The conditions for when you can get a short URI are written somewhere... I think the main one was that your authority needs to be open for anyone to register. Tank is in control of the relevant DNS entries, he is usually responsive on IRC.

Post Reply